From: Wouter Wijngaards Date: Wed, 27 Feb 2019 06:56:21 +0000 (+0000) Subject: - Fix #4229: Unbound man pages lack information, about access-control X-Git-Tag: release-1.9.1rc1~7 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=beebe5ba0c2e14d5f6ca435e0036c5aceb0024ba;p=thirdparty%2Funbound.git - Fix #4229: Unbound man pages lack information, about access-control order and local zone tags, and elements in views. git-svn-id: file:///svn/unbound/trunk@5123 be551aaa-1e26-0410-a405-d3ace91eadb9 --- diff --git a/doc/Changelog b/doc/Changelog index 89c0eb3df..12634deb9 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,3 +1,7 @@ +27 February 2019: Wouter + - Fix #4229: Unbound man pages lack information, about access-control + order and local zone tags, and elements in views. + 25 February 2019: Wouter - Fix #4227: pair event del and add for libevent for tcp_req_info. diff --git a/doc/unbound.conf.5.in b/doc/unbound.conf.5.in index 3efdb9216..0567c4d34 100644 --- a/doc/unbound.conf.5.in +++ b/doc/unbound.conf.5.in @@ -546,6 +546,7 @@ classless network block. The action can be \fIdeny\fR, \fIrefuse\fR, \fIallow\fR, \fIallow_setrd\fR, \fIallow_snoop\fR, \fIdeny_non_local\fR or \fIrefuse_non_local\fR. The most specific netblock match is used, if none match \fIdeny\fR is used. +The order of the access\-control statements therefore does not matter. .IP The action \fIdeny\fR stops queries from hosts from that netblock. .IP @@ -1367,7 +1368,8 @@ TTL can be inserted like this: "2001:DB8::4 7200 www.example.com" Assign tags to localzones. Tagged localzones will only be applied when the used access-control element has a matching tag. Tags must be defined in \fIdefine\-tags\fR. Enclose list of tags in quotes ("") and put spaces between -tags. +tags. When there are multiple tags it checks if the intersection of the +list of tags for the query and local\-zone\-tag is non-empty. .TP 5 .B local\-zone\-override: \fI Override the localzone type for queries from addresses matching netblock. @@ -1724,7 +1726,9 @@ data (eg. from the master servers). There may be multiple .B view: clauses. Each with a \fBname:\fR and zero or more \fBlocal\-zone\fR and -\fBlocal\-data\fR elements. View can be mapped to requests by specifying the +\fBlocal\-data\fR elements. Views can also contain view\-first, +response\-ip, response\-ip\-data and local\-data\-ptr elements. +View can be mapped to requests by specifying the view name in an \fBaccess\-control\-view\fR element. Options from matching views will override global options. Global options will be used if no matching view is found, or when the matching view does not have the option specified.